<?php
namespace App\SDK\PingAn\library;

class Rsa
{
    private $_certs;

    public function sign($str)
    {
        $privateKey = openssl_get_privatekey($this->getPrivateKey());
        if ($privateKey) {
            $verify = openssl_sign($str, $signature, $privateKey, OPENSSL_ALGO_MD5);
            openssl_free_key($privateKey);
            $result = base64_encode($signature);
        } else {
            //private key resource identifier False!
            $result = false;
        }
        return $result;
    }

    public function isValid($str, $signature)
    {
        $publicKey = openssl_get_publickey($this->getPublicKey());
        if ($publicKey)
        {
            $ret = openssl_verify($str, base64_decode($signature), $publicKey, OPENSSL_ALGO_MD5);
            $result = $ret == 1;
        } else {
            //public key resource identifier False!
            $result = false;
        }
        return $result;
    }

    public function publicEncrypt($str) {
        $publicKey = openssl_pkey_get_public($this->getPublicKey());
        if($publicKey){
            //第一个参数是待加密的数据只能是string，第二个参数是加密后的数据,第三个参数是openssl_pkey_get_public返回的资源类型,第四个参数是填充方式
            $encryptResult = openssl_public_encrypt($str, $crypted, $publicKey);
            if($encryptResult){
                $result = base64_encode($crypted);
            } else {
                //'加密失败,请检查RSA秘钥'
                $result = false;
            }
        } else {
            //'公钥不可用'
            $result = false;
        }
        return $result;
    }

    public function privateDecrypt($str) {
        //私钥解密
        $privateKey = openssl_pkey_get_private($this->getPrivateKey());
        if($privateKey){
            $decryptResult = openssl_private_decrypt(base64_decode($str), $decrypted, $privateKey);
            if($decryptResult){
                $result = $decrypted;
            } else {
                //'解密失败,请检查RSA秘钥'
                $result = false;
            }
        } else {
            //'私钥不可用'
            $result = false;
        }
        return $result;
    }

    public function privateEncrypt($str) {
        //私钥加密
        $privateKey = openssl_pkey_get_private($this->getPrivateKey());
        if($privateKey){
            $encryptResult = openssl_private_encrypt($str, $crypted, $privateKey);
            if($encryptResult){
                $result = base64_encode($crypted);
            } else {
                //'加密失败,请检查RSA秘钥'
                $result = false;
            }
        } else {
            //'私钥不可用'
            $result = false;
        }
        return $result;
    }

    public function publicDecrypt($str) {
        //公钥解密
        $publicKey = openssl_pkey_get_public($this->getPublicKey());
        if($publicKey){
            $decryptResult = openssl_public_decrypt(base64_decode($str), $decrypted, $publicKey);
            if($decryptResult){
                $result = $decrypted;
            } else {
                //'解密失败,请检查RSA秘钥'
                $result = false;
            }
        } else {
            //'公钥不可用'
            $result = false;
        }
        return $result;
    }

    private function getPublicKey() {
        return '-----BEGIN CERTIFICATE-----' . "\n" . Config::get('public_key') . "\n" . '-----END CERTIFICATE-----';
    }

    private function getPrivateKey() {
        return '-----BEGIN PRIVATE KEY-----' . "\n" . Config::get('private_key') . "\n" . '-----END PRIVATE KEY-----';
    }
}
